Amendment and Response 

Applicant: Siani Lynne Pearson 
Serial No.: 10/817,333 
Filed: April 2, 2004 
Docket No.: 300201526-2 

Title: METHOD OF PURCHASING INSURANCE OR VALIDATING AN ANONYMOUS TRANSACTION 

IN THE CLAIMS 

Please amend claims 1,14, and 17 as follows: 

1 . (Currently Amended) A method of conducting a transaction between a first entity and 
a second entity where as part of the transaction the second entity requires information to 
assess a level of risk associated with transacting with the first entity, the method comprising: 

a first data processor acting on behalf of the first entity requesting a second data 
processor acting on behalf of the second entity to provide trust data about a trust level of the 
second data processor; 

the first data processor acting on behalf of the first entity analyzing the trust data and 
determining an assessment of trust of the second data processor operating on behalf of the 
second entity; 

defining a pseudonymous identity for the first entity; and 

providing real data about the first entity to the second entity where the real data is 
selectively generalized and converted into mapped data that is accurate but less precise than 
the real data where an amount of precision is determined in response to the assessment of 
trust. 

2. (Previously Presented) A method of conducting a transaction as claimed in claim 1, 
in which the method further comprises entering into a contract for the transaction based on 
the mapped data provided about the first entity such that the identity of the first entity 
remains unknown to the second entity. 

3. (Original) A method as claimed in claim 1, in which the transaction is the purchase of 
insurance, and for a given type of insurance the pseudonymous identity is associated with 
sufficient information to enable the insurer or an insurance examination agent to assess a 
level of risk for pricing or issuing an insurance. 

4. (Previously Presented) A method as claimed in claim 3, in which, when seeking to 
claim on the insurance policy, the real data and a true identity pertaining to the first entity are 
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made available to the insurer in order that the insurer can validate that there is an acceptable 
level of correlation between the pseudonymous identity and the first entity. 

5. (Original) A method as claimed in claim 1, in which the first entity submits their 
information or responses via a trusted computer, and wherein a trusted platform module 
within the trusted computer generates a user identity which can be used in future to confirm 
the identity of the first entity. 

6. (Previously Presented) A method as claimed in claim 1, in which the first entity 
enters the real data onto a trusted computer together with their policy agent which defines 
how information relating to the first entity can be disclosed. 

7. (Previously Presented) A method as claimed in claim 4, in which the transaction 
relates to the purchase of insurance and the policy agent communicates with an insurance 
examination agent in order to negotiate and authorize an insurance policy. 

8. (Previously Presented) A method as claimed in claim 5, in which the transaction 
relates to the purchase of insurance and the trusted computing platform module and a server 
running the examination agent authenticate with one another such that the policy issued to the 
first entity via the pseudonymous identity is linked to an identity used in the authentication or 
to a further identifier provided by the first entity. 

9. (Previously Presented) A method as claimed in claim 1, in which the generalized data 
is generated by a generalizing agent acting in accordance with a user's security policy. 

10-13 (Cancelled) 

14. (Currently Amended) An apparatus for conducting a transaction comprising a first 
data processor acting on behalf of a first entity and a second data processor acting on behalf 
of a second entity, and where as part of the transaction the second entity or an examination 
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agent operating on behalf of the second entity requires information to assess a level of risk 
associated with transacting with the first entity, wherein: 

the first data processor requests the second data processor to provide information 
about a trust level of the second data processor and security policies of the second entity; 

the first data processor analyses the trust level and the security policies and assesses 
the amount of trust that should be attributed to the second data processor and/or the second 
entity; 

the first data processor defines a pseudonymous identity for the first entity; and 
the first data processor provides real information about the first entity to the second 
data processor where the real information is associated with the pseudonymous identity and 
where the real information is selectively generalized and converted into mapped information 
that is accurate but less precise than the real information where an amount of precision is 
determined in response to the assessment of the amount of trust attributed to the second data 
processor and/or the second entity. 

15. (Previously Presented) An apparatus as claimed in claim 14, in which the first 
computer executes a policy agent which controls how the real information relating to the first 
entity is disclosed. 

16. (Original) An apparatus as claimed in claim 14, in which the first computer has a 
trusted platform module which generates a user identity which can be used to confirm the 
identity of the first entity. 

1 7. (Currently Amended) The method of conducting a transaction between a first entity 
and a second entity according to claim 1 wherein the second entity comprises a selected one 
of a plurality of prospective second parties and wherein the first data processor acting on 
behalf of the first entity requests one or more data processors acting on behalf of each of the 
prospective second party to provide data about itself; 

the first data processor acting on behalf of the first entity analyzing responses and 
determining an assessment of trust of the data processor operating on behalf of each 
prospective second party; 
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defining a pseudonymous identity for the first entity; and 

providing data about the first entity to a group of the prospective second parties where 
data is selectively generalized for each prospective second party in said group of prospective 
second parties and converted into mapped data that is accurate but less precise than the data 
where an amount of precision is determined in response to the assessment of trust associated 
with each data processor operating on behalf each of said group of second parties. 

1 8. (Previously Presented) The method of claim 1 wherein the first entity is a customer 
and the second entity is an insurer, and including: 

the insurer making its conditions for insurance available to a third party; 

a customer making responses to insurance questions available to the third party, 

the third party analyzing the responses and determining whether insurance can be 
offered to the customer based on the conditions for insurance, and if so validating to the 
insurer that a policy has been issued to the customer and that the customer satisfies the 
conditions for insurance, wherein 

the customer enters real data onto a trusted computer together with a policy agent that 
defines how information relating to the customer can be disclosed to the third party, and the 
trusted computer interrogates a data processing environment and policies of the third party to 
determine a trust level of the third party. 

19. (Previously Presented) The method as claimed in claim 18 wherein the insurer and 
customer are each acting on behalf of themselves. 
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